Guest network not working between cisco 1830 to asa 5506

apereira
Level 1

Hello,


Not sure why it's not working, but what happened is I had my Cisco ASA 5506 die and I ordered a replacement. I restored the config but the only thing that is not working is the Guest wifi network. The regular network for internal works fine.

I am far from being all that savvy with Cisco products, but from what I see the guest network is set up with a VLAN tag 666. I look on the Cisco ASA 5506 and I see a DMZ network with a VLAN ID of 666. It has an IP range set up for it. It seems to me that when I try to connect to it I do not get an IP address; not sure where to look from here.

Any ideas would be great.

Thanks in advance.

2 Replies

Seb Rupik
VIP Alumni

Hi there,

Was the ASA configured to supply the DHCP leases for VLAN666, or are they supplied by another device which is attached to the VLAN?

 

Can you share the full running config of the ASA?

 

cheers,

Seb.

It is a range that it supplies. I will put in the running config but I will blank out the IPs. I hope that by changing the IPs it's not too confusing.

 

: Saved

:
: Serial Number:
: Hardware: ASA5506, 4096 MB RAM, CPU Atom C2000 series 1250 MHz, 1 CPU (4 cores)
!
ASA Version 9.8(2)
!
hostname cisco
enable password
names

!
interface GigabitEthernet1/1
nameif outside
security-level 0
ip address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet1/2
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
!
interface GigabitEthernet1/2.1
description DMZ
vlan 666
nameif dmz
security-level 50
ip address 10.0.1.1 255.255.255.0
!
interface GigabitEthernet1/3
nameif outsideBell
security-level 0
pppoe client vpdn group bel
ip address pppoe setroute
!
interface GigabitEthernet1/4
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/5
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/6
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/7
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/8
shutdown
no nameif
no security-level
no ip address
!
interface Management1/1
management-only
no nameif
no security-level
no ip address
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
same-security-traffic permit inter-interface
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network Web-Portal-Server
host 10.0.0.14
object service FTP-SERVICE
service tcp destination eq ftp
object service FTP-CRUSH_PORTS
service tcp destination range 2000 2100
object service RDP-SERVICE
service tcp destination eq 3389
object service rdp-service
service tcp source eq 3389
object service ftp-crush-ports
service tcp source range 2000 2100
object service ftp-service
service tcp source eq ftp
object service SFTP-Service
service tcp source eq ssh
object service sftp-service
service tcp destination eq ssh
object service https-service
service tcp source eq https
object network Prism-Web
host 10.0.0.16
object service http-service
service tcp source eq www
object network 2
host 1.1.1.2
object network 3
host 1.1.1.3
object service 8443
service tcp destination eq 8443
object service Prism_8443
service tcp source eq 8443
object network DC1
host 10.0.0.12
object network RDS-Server
host 10.0.0.19
object network 4
host 1.1.1.4
object network VPN-Server
host 10.0.0.21
object network 5
host 1.1.1.5
object network 6
host 1.1.1.6
object network PV-Server
host 10.0.0.17
object service 8403
service tcp destination eq 8403
object service 8408
service tcp destination eq 8408
object service PV_8403
service tcp source eq 8403
object service PV_8408
service tcp source eq 8408
object service 5098
service tcp destination eq 5098
description Prism Java Port
object service Prism_5098
service tcp source eq 5098
object service 5099
service tcp destination eq 5099
object service Prism_5099
service tcp source eq 5099
object network 2
host 2.2.2.2
object network LNAPM-Server
host 10.0.0.18
object network WWW-WEB-Server
host 10.0.0.22
object network 2
host 2.2.2.2
object network 7
host 1.1.1.7
object network Veriato-Server
host 10.0.0.27
object network Manage-Engine_support
host 10.0.0.26
object-group service ftp-crush-group
service-object object FTP-CRUSH_PORTS
service-object object FTP-SERVICE
object-group service PV-Group
description Primavera Ports
service-object object 8403
service-object object 8408
object-group service DM_INLINE_TCP_1 tcp
port-object eq www
port-object eq https
access-list outside_access_in extended permit tcp any object Web-Portal-Server eq https
access-list outside_access_in extended permit tcp any object RDS-Server eq https
access-list outside_access_in extended permit tcp any object VPN-Server eq https
access-list outside_access_in extended permit tcp any object LNAPM-Server eq https
access-list outside_access_in extended permit tcp any object WWW-WEB-Server object-group DM_INLINE_TCP_1
access-list outside_access_in extended permit tcp any object Veriato-Server eq https
access-list outside_access_in extended permit tcp any object Manage-Engine_support eq https
access-list outsideBell_access_in extended permit tcp any object Prism-Web eq https
access-list outsideBell_access_in extended permit object 8443 any object Prism-Web
access-list outsideBell_access_in extended permit object-group PV-Group any object PV-Server
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu dmz 1500
mtu outsideBell 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
arp rate-limit 16384
nat (inside,outside) source static Web-Portal-Server interface service any https-service
nat (inside,outside) source static VPN-Server 197 service any https-service
nat (inside,outside) source static LNAPM-Server 195 service any https-service
nat (inside,outside) source static RDS-Server 196 service any https-service
nat (inside,outside) source static WWW-WEB-Server 198 service any https-service
nat (inside,outside) source static WWW-WEB-Server 198 service any http-service
nat (inside,outside) source static Veriato-Server 199 service any https-service
nat (inside,outside) source static Manage-Engine_support 200 service any https-service
nat (inside,outsideBell) source static Prism-Web interface service any https-service
nat (inside,outsideBell) source static Prism-Web interface service any Prism_8443
nat (inside,outsideBell) source static PV-Server interface service any PV_8403
nat (inside,outsideBell) source static PV-Server interface service any PV_8408
!
object network obj_any
nat (any,outsideBell) dynamic interface
access-group outside_access_in in interface outside
access-group outsideBell_access_in in interface outsideBell
route outside 0.0.0.0 0.0.0.0 1.1.1.0 2
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
timeout conn-holddown 0:00:15
timeout igp stale-route 0:01:10
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
aaa authentication login-history
http server enable
http 10.0.0.0 255.255.255.0 inside
snmp-server host inside 10.0.0.20 community public version 2c udp-port 6556
snmp-server location Laval
no snmp-server contact
service sw-reset-button
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpool policy
telnet timeout 5
no ssh stricthostkeycheck
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
vpdn group Bell request dialout pppoe
vpdn group Bell localname username
vpdn group Bell ppp authentication pap
vpdn group bel request dialout pppoe
vpdn group bel localname username
vpdn group bel ppp authentication pap
vpdn username username password

dhcpd domain lna.local interface inside
!
dhcpd address 10.0.1.5-10.0.1.200 dmz
dhcpd dns 8.8.8.8 8.8.4.4 interface dmz
dhcpd enable dmz
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ntp server 129.6.15.30
ntp server 129.6.15.29
ntp server 129.6.15.28 source outside
dynamic-access-policy-record DfltAccessPolicy
username admin password a/i69ivzxIdOT6vW encrypted privilege 15
!
class-map global-class
match default-inspection-traffic
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
policy-map global-policy
class global-class
inspect esmtp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect sip
inspect skinny
inspect sqlnet
inspect sunrpc
inspect tftp
inspect xdmcp
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:b270ce3d7a51ee30862b3a5f8b4c7c4a
: end
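
One way to answer the first reply's question (is the ASA set up to hand out leases on the guest VLAN?) from a saved running-config. This is an added example, not part of the thread or any Cisco tool; the sample text is a constructed excerpt modelled on the posted config, and `parse_interfaces` and `check_dhcpd` are hypothetical names. Blocks are delimited by `interface` and `!` rather than by indentation, because the pasted config has lost its indentation.

```python
import ipaddress
import re

# Constructed excerpt modelled on the posted config (indentation lost, as on the page).
SAMPLE = """\
interface GigabitEthernet1/2.1
vlan 666
nameif dmz
ip address 10.0.1.1 255.255.255.0
!
dhcpd address 10.0.1.5-10.0.1.200 dmz
dhcpd enable dmz
"""

def parse_interfaces(cfg):
    """Map nameif -> settings; a block runs from 'interface' to the next '!'."""
    ifaces, cur = {}, None
    for line in map(str.strip, cfg.splitlines()):
        if line.startswith("interface "):
            cur = {"port": line.split()[1], "vlan": None, "addr": None, "shutdown": False}
        elif line == "!":
            cur = None
        elif cur is not None:
            if m := re.fullmatch(r"nameif (\S+)", line):
                ifaces[m[1]] = cur
            elif m := re.fullmatch(r"vlan (\d+)", line):
                cur["vlan"] = int(m[1])
            elif m := re.fullmatch(r"ip address ([\d.]+) ([\d.]+)", line):
                cur["addr"] = ipaddress.ip_interface(f"{m[1]}/{m[2]}")
            elif line == "shutdown":
                cur["shutdown"] = True
    return ifaces

def check_dhcpd(cfg):
    """Return {nameif: [problems]} for each 'dhcpd address' scope in cfg."""
    ifaces = parse_interfaces(cfg)
    enabled = set(re.findall(r"^dhcpd enable (\S+)\s*$", cfg, re.M))
    report = {}
    for lo, hi, name in re.findall(r"^dhcpd address ([\d.]+)-([\d.]+) (\S+)\s*$", cfg, re.M):
        ifc = ifaces.get(name, {"port": "", "vlan": None, "addr": None, "shutdown": False})
        pool, addr = [ipaddress.ip_address(lo), ipaddress.ip_address(hi)], ifc["addr"]
        checks = {
            "no interface with this nameif": name not in ifaces,
            "interface is shutdown": ifc["shutdown"],
            "subinterface has no vlan id": "." in ifc["port"] and ifc["vlan"] is None,
            "pool outside interface subnet": addr is not None and any(ip not in addr.network for ip in pool),
            "interface address inside pool": addr is not None and pool[0] <= addr.ip <= pool[1],
            "dhcpd enable missing": name not in enabled,
        }
        report[name] = [msg for msg, bad in checks.items() if bad]
    return report
```

An empty list means the scope is internally consistent on the ASA side only; it says nothing about whether the switch or access point trunk actually carries tag 666 to the firewall port.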

 
